I am trying to enable DKIM for inbound email. I assume, this would get EFA to verify all incoming mail against the DMARC/DKIM system.

I noticed the following,

1) servers that I used my EFA for, might send me back a 'message not delivered'
2) this will cause EFA to send a 'return email', that is from my domain, and thus, it will fail, as EFA don't do outbound DKIM signing?
3) Is there a way for me to direct all EFA return email to another smtp outbound host?

# Add the "Inline HTML Signature" or "Inline Text Signature" to the end
# of uninfected messages?
# If you add your own signature in your email application, and include the
# magic token "_SIGNATURE_" in your email message, the signature will be
# inserted just there, rather than at the end of the message.
# This can also be the filename of a ruleset.
# EFA Note: CustomAction.pm will Sign Clean Messages instead using the custom(nonspam) action.
Sign Clean Messages = %rules-dir%/sig.clean.messages.rules

c) Create a file sig.clean.messages.rules at /etc/Mailscanner/rules/ [You can copy from an existing file rule to keep permissions]